Skip to main content

Quickstart Guide

DataGrail uses Single Sign-On (SSO) providers to manage access to all customer-facing DataGrail environments. Since authentication is handled through these providers, we do not store customer login credentials within our own systems.

Supported Providers

DataGrail supports platform access with the following SSO providers:

View all supported providers
ProviderType
OktaSAML
Microsoft Entra IDSAML
OneLoginSAML
PingOne EnterpriseSAML
VMware Workspace ONE AccessSAML
JumpCloud SSOSAML
Google SSOOIDC
Microsoft SSOOIDC
OIDC (Generic)OIDC

Setting Up SSO

DataGrail provides a self-service onboarding flow to configure SSO for your organization. An admin will receive an invitation email from DataGrail with a link to begin setup.

Persons Needed to Complete Setup: IT Person from your organization

  1. Open the onboarding invitation email from DataGrail and select the setup link.

    DataGrail onboarding invitation email with Access My Account button

  2. Choose your SSO provider type.

    OptionUse When
    SAML 2.0Your organization uses a SAML provider such as Okta, Entra ID, OneLogin, PingOne, VMware, or JumpCloud.
    Google WorkspaceYour organization uses Google as its identity provider.
    Microsoft Entra IDYour organization uses Microsoft as its identity provider via OAuth.

SAML 2.0

If you selected SAML 2.0, configure your identity provider before completing setup in DataGrail.

  1. Follow the configuration instructions for your specific provider:

  2. Return to the DataGrail SSO setup page and provide your SAML metadata using one of the following methods:

    • Upload XML — Upload your identity provider's metadata XML file.
    • Metadata URL — Enter the HTTPS URL where your identity provider hosts its metadata.

    Configure SAML 2.0 screen with Upload XML File and Metadata URL tabs

  3. Select Configure to validate the metadata and test the connection to your identity provider. Once validated, you will be redirected to the login page.

  4. Invite other users in your organization to access DataGrail.

Google And Microsoft OAuth

If you selected Google Workspace or Microsoft Entra ID, no additional identity provider configuration is required.

  1. Select Activate & Login to enable SSO for your organization.

    Activate SSO screen showing configuration summary with Activate and Login button

  2. Invite other users in your organization to access DataGrail.

Generic OIDC Providers

For other OIDC-compliant providers (Auth0, Frontegg, Keycloak, etc.), follow the Generic OIDC configuration guide.

 

Need help?
If you have any questions, please reach out to your dedicated Account Manager or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.